Archives

Next Stop : Utopia Island

Let us imagine for a moment a world without New Labour’s overarching Orwellian horror of a vision for a national ID card and the cripplingly expensive behemoth of a database that would be required to back it.

Ahh. Nice, isn’t it. Now, hold onto that thought for a moment, because in the first in this (possibly) series of posts I’m going to suggest that the functionality proposed for a biometric ID card, quite contrary from being used to enslave us all in some dystopian socialist police state, could in fact be a cornerstone of our future democracy. Yes, really.

Identity Politics

First up, what do we actually mean by ‘identity’ ? For the purposes of this post – hopefully the first in a series, and hopefully mercifully brief – we will cheat a bit and redefine ‘identity’ to mean a token issued to you by some third-party (the Electoral Commission, say) which can be used to prove your eligibility to do something (vote, in this case), and which, since it is unique to you, can be used to make sure you have only done it once. It can of course also be used in all transactions with the third-party, much like a ‘customer number’ of which it is a variant.

For our purposes, then, we have decoupled this from an actual ‘identity’, as traditionally defined. We assume that if it is necessary to prove eligibility or identity it is done at the point at which the token is issued.

We also assume, just for the purposes of this post mind you, that at the point of issue, the token is not actually associated with any identity information. Pie in the sky, no doubt, but let’s just assume it for now as we’re talking utopian techno democracy here.

Now, we don’t want anyone else to be able to get at this token and use it, or change it so we will encrypt it. In fact, it is probably already some kind of cryptographic token, we’ll get to the tech later, but basically the issuing party will have ‘signed‘ it cryptographically so that they can verify it has not been tampered with at the point of use.

Not just a pretty face

What we want now is some way to encrypt the token so that only you can decode it and use it. This is where the biometric part comes in. Please bear in mind that there are other ways of going about this that may be more appropriate. We will use biometrics only as an example.

Using a set (not a single one, oh no sir) of biometrics (or by some other method) we now generate a cryptographic key (or possibly a set thereof) and use one of them to encrypt the voting token which is stored on your ‘ID card’ At this point it is necessary to be weasely again, and redefine ‘ID card’ to mean some mechanism for storing identity data as defined for the purposes of this post. It may be in card form, but one way or another it will be some kind of computing device, like the chip on your Chip’n’Pin card.

At this point, only you can decrypt the token and use it. Still with me ? Good.

Third Party Politics

The key thing to remember at this point is that when you authenticate yourself in order to unlock this token, you do not do it with a third-party. This is quite different from NuLab’s proposed scheme where checks are made against a central database. In this model, you authenticate yourself to the ‘ID card’.

Your only interaction with a third-party begins with the presentation of the token. This may, or may not, infer further information about you.

Secure exchange is no robbery

Now we need some means to get the token securely to its destination, again we will use cryptography. Let’s assume that our existing protocols are secure and that as such we can easily set up a secure end to end connection much as we do every day with online shopping or banking.

Vote Early, Vote Often

Next thing to do is cast our vote! To prevent just anyone at the far end changing our vote (naughty!) we will also to encrypt that, we will encipher it with the ‘public key‘ of the third-party who issued our token. This means that only they can decipher it and read it.

Livin’ in America

Now then, we need to bring to mind for a moment the horrors of the epic fail that has befallen every e-voting system so far tried, particularly in the USA. Especially in California. Bearing in mind that most of these were straight replacements for other ‘in person’ voting methods, we need not dwell too much, but we need to overcome the major problems that they reveal.

The ones that concern us are twofold. We shall not fear to speak their names, which are Auditing and Transparency. Auditing we can deal with some more technical trickery, which we will explore in more depth later on. Transparency is something else entirely. I will explore this is some depth at a later date

For the purposes of this post, let us assume that the problems are surmountable.

Put ’em all together and whaddya got?

Well, what have we got ? It’s slightly different from the rather more statist, centralist model proposed by the Home Office and its pets, but we have many of the same ingredients. A card, some set of tokens for doing stuff with, and a way to make sure that only the person who is supposed to can access them (we are missing some very important technical mechanisms, but again, that’s for later)

To some extent, we have decoupled the card holder’s ‘identity’ from the contents of the card. As described, it doesn’t even need a photo on it. No policeman can stop the holder in the street and ask “papers, please”, because the only person who can get the data off the card is the person who can authenticate themselves to the card.

But what we can do with it is this. We can use it to provide a universal rolling plebiscite. Universal meaning that anyone who wants to vote (and is eligible to do so) can vote.

In this utopian e-voting world, we no longer need MPs to represent our interests in parliament, not that the fuckers do much of that in any case, because we can all do it for ourselves. No more representative democracy, a genuine, direct democratic process. What kind of ‘government’ you would need to support this kind of democracy is an interesting question, sadly outside the scope of this post.

And the really cool thing is that we can genuinely achieve much of this, from a technological point of view, already. The components are there, for the most part, as we shall see in a later digital democracy post.

And, of course, you could, in fact, still do this with Blunkett and Co’s National ID scheme. Although you’d still have to put up with all the other crap.